Association rule learning for threat analysis using traffic analysis and packet filtering approach

R Rawat, RK Chakrawarti, ASA Raj, G Mani… - International Journal of …, 2023 - Springer
The Mirai botnet source code, which was distributed on the dark web, is still changing as
malware designers modify it to produce more sophisticated varieties of the botnet—the …

i-DarkVec: Incremental Embeddings for Darknet Traffic Analysis

L Gioacchini, L Vassio, M Mellia, I Drago… - ACM Transactions on …, 2023 - dl.acm.org
Darknets are probes listening to traffic reaching IP addresses that host no services. Traffic
reaching a darknet results from the actions of internet scanners, botnets, and possibly …

FINISH: Efficient and Scalable NMF-Based Federated Learning for Detecting Malware Activities

YW Chang, HY Chen, C Han… - … on Emerging Topics …, 2023 - ieeexplore.ieee.org
5G networks with the vast number of devices pose security threats. Manual analysis of such
extensive security data is complex. Dark-NMF can detect malware activities by monitoring …

Aggressive internet-wide scanners: Network impact and longitudinal characterization

A Anand, M Kallitsis, J Sippe, A Dainotti - Companion of the 19th …, 2023 - dl.acm.org
Aggressive network scanners, i.e., ones with immoderate and persistent behaviors,
ubiquitously search the Internet to identify insecure and publicly accessible hosts. These …

Mitigate: Toward Comprehensive Research and Development for Analyzing and Combating IoT Malware

K Nakao, K Yoshioka, T Sasaki, R Tanabe… - … on Information and …, 2023 - search.ieice.org
In this paper, we developed the latest IoT honeypots to capture IoT malware currently on the
loose, analyzed IoT malware with new features such as persistent infection, developed …

Darknet Analysis-Based Early Detection Framework for Malware Activity: Issue and Potential Extension

C Han, A Tanaka, T Takahashi - 2022 IEEE International …, 2022 - ieeexplore.ieee.org
Most packets arriving in the darknet (or network telescope), which is unused IP address
space on the Internet, are related to indiscriminate scanning and attack activities. In recent …

Detecting Coordinated Internet-Wide Scanning by TCP/IP Header Fingerprint

A Tanaka, C Han, T Takahashi - IEEE Access, 2023 - ieeexplore.ieee.org
Adversaries perform port scanning to discover accessible and vulnerable hosts as a prelude
to cyber havoc. A darknet is a cyberattack observation network to capture these scanning …

Towards Long-Term Continuous Tracing of Internet-Wide Scanning Campaigns Based on Darknet Analysis.

C Han, A Tanaka, Jun'ichi Takeuchi, T Takahashi… - ICISSP, 2023 - scitepress.org
The darknet is an unused IP address space that can be an effective resource for observing
and analyzing global indiscriminate scanning attacks. Scanning traffic on the darknet has …

Federated learning for network traffic analysis

K Huang - 2023 - webthesis.biblio.polito.it
Darknets are formed by ranges of IP-addresses that do not host services. Darknets
constantly receive and record unsolicited traffic, making them valuable instruments to …